Everyday we can read stories about password database hacking, malware, ransomware, and so on, and companies can try to protect themselves by paying professionals that do a more or less good jobs, but individuals can’t afford professional service, so it is harder to protect oneself. One solution is to educate yourself as much as possible, but everybody has the time and/or skills to do it, so developers have worked on FalconGate open source smart gateway that’s supposed to protect home devices against hackers, and alerts the user in case of intrusions on your home network, or devices misbehaving.

Detect and report the presence of Malware executables and other components based on VirusTotal reports

Detect and report Domain Generation Algorithm (DGA) Malware patterns

Detect and report on Malware spamming activity

Detect and report on internal and outbound port scans

Report details of all new devices connected to your network

Block ads based on open source lists

Monitor a custom list of personal or family accounts used in online services for public reports of hacking

The software relies on dependencies such as Bro IDS, Python 2.7, Nginx,Dnsmasq,Exim, and PHP, as well as Have I been pwned API, and as been tested with Debian Jessie Lite on Raspberry Pi 2/3 and Banana Pi M2+ boards, with the Raspberry Pi boards limited to 10/100M Ethernet, potentially a bottlenck if you have a fast Internet connection, but FalconGate should also be supported on other (ARM based) boards running Debian or Ubuntu.

The easiest way to install it to get the SD card image for the tested boards. For other boards, you can try a manual installation:

Shell

1

2

3

4

5

6

sudo apt-getupdate

sudo apt-getinstall git

cd/opt

sudo git clonehttps://github.com/A3sal0n/FalconGate.git

cdFalconGate/

sudo python install.py

This will take a while depending on your platform and storage device. Your FalconGate powered board will also become your new DHCP server, so you’ll need to disable DHCP in your router. Reboot both, and login to the web interface to configure the email address(es) to be used as recipients for alerts and optionally your VirusTotal API key. Finally, remember to change the default root password, and re-generate the SSH keys.

The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.

Subscribe

newestoldestmost voted

Notify of

Guest

tkaiser

Banana Pi M2+ has Gigabit Ethernet (yes, it’s already written wrong in the readme.md of this project — strange).

And it seems this Banana thingie is only mentioned since hardware manufacturer SinoVoip provides a ‘Raspian Jessie Lite’ OS image for this board (running with a smelly 3.4.39 kernel containing no ‘Dirty COW’ fix and maybe also vulnerable to ‘rootmydevice’ and countless other exploitable vulnerabilities known since years — anyone caring about security and using OS images from some Google Drive link without caring about kernel version or manually inserted backdoors should be considered clueless or maybe even stupid as hell).

@tkaiser
Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian on a banana pi with mainline kernel (https://www.armbian.com/banana-pi/) Debian or Ubunto… I would even favourite ubunto because of its more up-tp-date nginx and openssl packages and so on. What do you think? Currently I use the banana Pi only as a private Seafile server, but this here sounds very interesting to give the machine a bit more purpose 🙂

Just to make it clear: I’m no very experienced user, that is why I ask for your experienced opinion.

Generally…I understand how this system works inside my network: if I assume that I would need to simply connect the banana to my routers LAN Port and then change my DHCP from Router to Banana PI, how does that protect me from malicious websites? Do I also have to set the banana to be my DNS server? So the Banana with FalconGate will resolve all my dns requests?

Do you guys think that a dual core banana pi is powerful enough for that? Or what would be a better low power SBC solution for this?

Thank you very much in advance

Vote Up0Vote Down Reply

2 years ago

Guest

Twig

have a spare Pi2 so I gave it a run on an isolated network. The web interface only allows configuration of a virustotal key and there is not much info on anything except dhcp clients.

I like the idea of of the project, especially the IDS but it seems very early on in the development.

Vote Up0Vote Down Reply

2 years ago

Guest

Igor

blocking tor relays does not make any sense. they are idiots

Vote Up0Vote Down Reply

2 years ago

Guest

tkaiser

infinity :
Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian

No idea. If this stuff can only run on a Raspbian userland then this is another good reason to not use it.

You might get in contact with the developer if you run in any compatibility problems since Python should run everywhere and writing installers that can deal with every Debian-flavour Linux distros isn’t that hard. And if you’re at it please tell the developer that it’s irresponsible to recommend running ‘security software’ on insecure distros (as it’s done here: some Chinese Raspbian that has been found on Google Drive)

infinity :
Can you say anything whether this FalconGate package will run flawlessly (compatibility question) on armbian

No idea. If this stuff can only run on a Raspbian userland then this is another good reason to not use it.
You might get in contact with the developer if you run in any compatibility problems since Python should run everywhere and writing installers that can deal with every Debian-flavour Linux distros isn’t that hard. And if you’re at it please tell the developer that it’s irresponsible to recommend running ‘security software’ on insecure distros (as it’s done here: some Chinese Raspbian that has been found on Google Drive)

Well…. I think it is obsolete now… they’ve heard the concerns apparently. As I’ve subscribed to the newsletter of FalconGate, I got this email today:

Dear all,

Below you can find some recent developments in our FalconGate smart gateway project:

I dropped him a note how to easily improve compatibility/portability on the Github issue since it looks trivial to make the installer script run on recent Ubuntus and also next Debian/Raspbian release (he has to prepare for anyway).